The Institute of Risk Management 


NASA’s Risk Management 
System 

Jeevan S. Perera, PhD, JD 
National Aeronautics and Space Administration 
Lyndon B. Johnson Space Centre 
Houston, Texas 77058 

Tuesday, 22 March 2011 


The views/content expressed in this 
presentation are solely the Author and do 
not necessarily represent NASA's 
positions, strategies or opinions 


irm 

4 


leading the risk protest 



The Institute of Risk Management 


Agenda 

NASA’s Current Environment 

Space Exploration Systems 
Short Video 

NASA’s Risk Management Paradigm 
Risk Management Lesson Learnt 
Summary 
Q&A 


The Institute of Risk Management 



Exploration Strategy Themes 



Pursue scientific activities to address fundamental 
questions about the solar system, the universe, and our 
place in them 

Extend sustained human presence to beyond Earth 

Use near Earth destinations to prepare for future 
human and robotic missions to Mars and other 
destinations 

Expand Earth’s economic sphere with direct benefits to 
life on Earth 

Strengthen existing and create new global partnerships 
Engage, inspire, and educate the public 
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NASA’s Current Uncertain Environment 


President Bush’s Proposal in 2004 

Design, develop and fly the Shuttle replacement vehicle (Orion: Crew Exploration 
Vehicle) by 2015 

Return to the Moon around 2020 

Extend human presence across the solar system and beyond (starting with Mars) 
President Obama’s Proposal in 2010: 

Collaboration with commercial sector to develop and operate “taxi services” to low-earth 
orbit (Shuttle replacement) - SpaceX (Falcon 9), Orbital (Taurus II), 

Developing technologies vs. developing systems (NACA) 

• Fund technology aimed at enabling future deep-space exploration systems including new 
types of rocket engines /propulsion, heavy-lift launch vehicles, fueling spacecraft in orbit (on- 
orbit fuelling stations), etc 

• Enhance robotic exploration of space (including precursors to human missions) 

• Research and development of remote autonomous space factories for in-situ utilization 

Develop a simplified MPCV vehicle to provide multipurpose utility for space explorations. 
Also, use MPCV as part of the technological foundation for advanced spacecraft for 
future deep space missions. 

Human exploration to asteroids (2025) and eventually Mars (2030s) 

Foster more International collaboration on future missions/projects (e.g. ISS) 

Initiate development of a heavy-lift launch vehicle in 2012 
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280k lb LOx/LH 2 


5-Segment 
Reusable Solid 
Rocket Booster 
(RSRB) 


Space Shuttle Ares I 

Height: 184.2 ft Height: 321ft 

Gross Liftoff Mass: 4.5M lb Gross Liftoff Mass: 2.0M lb 


Crew 


Lander 




S-IVB 

(l j-2 engine) 

240k lb Lox/LH, 


(5 J-2 engines) 

1M lb LOx/LH, 


S-IC 

(5F-1) 

3.9M lb LOx/RP 


Saturn V 

Height: 364 ft 
Gross Liftoff Mass: 6.5M lb 



Dragon 

Volume: 245 ft 3 (pressurized) 
Payload Up Mass: 13Klbm 
Up to 7 crewmembers 
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2 nd Stage 
(1 SpaceX Merlin) 
LOx&RP-l 


1 st Stage 

(9 SpaceX Merlin) 


Falcon 9 


Height: 180 ft 
Gross Liftoff Mass: 0.7M lb 


55k Ibm to LEO 48k Ibm to LEO 99k Ibm to TLI 



23k Ibm to LEO 
10k Ibm to GTO 
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Multi-Purpose Crew Vehicle (CEV) 

Requirements similar to Apollo 

Simpler design, higher reliability/safety, broader missions, faster and cheaper 
development 

Separate Crew Module and Service Module 
Variable Crew size 

Deliver a quality design that ensures simplicity and addresses all aspects of 
human spacecraft development, certification, operations and safety 

Meet objectives within an established cost, schedule, and technical baseline. 
Maximize the use of existing technology in the design and production of the CEV. 

Base the vehicle design on an Open Systems Architecture for varied flexibility. 
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Video Clip 
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Risk Management Paradigm 

▲ 
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Sources of Risk 


Equipment 

Failure 


External 

Events 


Human 

Errors 


Institutional 

Failure 
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RM Tools & Techniques 

QUANTITATIVE 

Stochastic and Deterministic Modeling 
Cause & Effects Analysis 

Systems Engineering Analysis and Risk Assessments 

QUALITITATIVE 

Root Cause Analysis 

Hazard Analysis 
Brainstorming 

Process Mapping and Analysis (Human Factors) 
Taxonomy-Based Questionnaires 
Pareto Method 
Affinity Grouping 
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Enterprise Risk Management 

Primary purpose of ERM is to improve the quality of decision-making throughout the 
organization 

Help prioritize strategic and operational decisions 
Ensure planned objectives & missions are fully achieved 
Synthesize projects and allocate risk and agency resources optimally 
Improve mission & project performance to meet agency goals 

Treating risks in a holistic manner 

Managing all risks and their interactions effectively (not just within silos). Done at the agency level not 
just at the traditional project or program level 

Risk management becomes part of overall project management with comprehensive, structured and 
integrated processes 

Integrated and synthesize Risks & Opportunities, Contingency Planning, Crisis Management, Continuity 
of Operations, Disaster Recovery, etc. 

Facilitate structured communications throughout the organization and with all stakeholders (internal & 
external) - avoid filtering of information 
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Risk Management Implementation 
Strategy 

Covers all phases of the life cycle 

Provide a risk management communication infrastructure to store, analyze and deal with 
problems proactively - overlay on existing management infrastructure 

Deploy the risk process, tools and systems within the whole enterprise and integrate with other 
management systems 

Require risk identification and management to occur in a tiered, integrated, structured 
manner 

Remove roadblocks preventing entry into risk management system (ensure risk management 
accessible to all levels of the organization) 

Analyze and individually quantify the risk consequence categories (e.g., Safety, Performance, 
Schedule, & Cost) for comprehensive understanding of risk impacts - to aid in risk prioritization 

Analyze how individual risks aggregate or are interrelated. Look for systemic problems and overall 
trends. 

Manage risks by developing appropriate risk handling/mitigation strategies (assign resources based 
on prioritization) & then monitor/control 

Accountability - assign risk ownership to the individual best suited to effectuate effective closure 
(usually the technical expert). Risk owner is responsible for shepherding the risk through closure and 
coordinating with all players. 

Dissenting opinions are encouraged - they are documented and evaluated within the standard risk 
processes 
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Risk Management Implementation 
Strategy 

Prioritize and escalate risks appropriately, only escalate issues that need resolution from 
above 

Prioritization includes Cost/Benefit Analysis 

Information is flowed up, resources and prioritizations are flowed down, while coordination is made 
with all responsible stakeholders 

Manage risks at the lowest level possible where the subject matter experts are and where it is the 
easiest to implement risk mitigation strategies and monitor its effectiveness 

Ensure that risks receive the appropriate level of management review and resources to effectively 
mitigate significant threats as early as possible (as cheaply as possible 

Criteria for Risk escalation (to the next level): Risks should be elevated to the next level 
control board for discussion if: 

A decision is needed by the next level management or higher 
Additional resources are required to effectively mitigate the risk 

Coordination/Integration is needed with other organizations/stakeholders outside the current level 
Awareness or visibility by the next level management or higher is generally needed 

Ongoing monitoring activities are conducted to periodically reassess risk and the 
effectiveness of controls to manage risk 
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Risk Coordination and Integration 



Program Manager 


Project Managers 


Element Managers 


System Managers 


Team Members 



Contractors/suppliers/ 

vendors 


Coordination and Integration 
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ORION [CEVJ RISK SCORECARD 


LIKELIHOOD RATING 1 

5 

Qualitative: Likely to occur. 

Very High 

Quantitative: 10"! <P |for risks with primary impact an human safety) or P>50% 
[for risks with primary impact an cost, schedule, or performance! 

*4 

Qualitative: Probably will occur. 

High 

Quantitative: 1 0'^' <P£l 0'^ (for risks with primary impact on human safety! or 
33%<P;^50% (for nsks with primar r ' impact an cost, schedule, or performance; 

3 

Qua itative: May occur. 

Moderate 

Quantitative: 1 0'^ <P<10"^ .‘fcr risks wflti primary impact on human safety; or 
1 0%-cPs:33% (far risks 'with pnmary impact on cost, schedule, or performance) 

2 

Qua itative: Unlikely to occur. 

Low 

Quanlitative: 10"^ <P<10"^ (far risks -vifh pnmary impact on human safety) or 
1%<P^.10% |for risks with primary impact on cost, schedule, or performance! 

1 

Qualitative: Occurence improbable. 

1 Very Low 

Quantitative: PilO“* |for risks with primary impact on human safety] or 
P< 1% [for risks with primary impact on cost, schedule, or performance; 
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CONSEQUENCES 
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TIM EF RAMI 


Near 

0 to 3 months 

Mid 

3 to 9 months 

Far 

> 9 months 


Time to Initiate 
Handling Strategy 


Conseqeuence 1 

, Rating Very Low 


Moderate 


Very High 
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Personnel 

A condition that could cause the 
need tor minor first aid treatment 
though would not adversely affect 
personal safety or health 
[Class IV) 

A condition that may cause 
minor inquiry or occupational 
illness. 

(Class 911) 

A condition that may cause severe 
injury or occupational illness 
(Class II) 

A condition that may cause 
permanently disabling injury 
(Class l-B) 

A condition that may cause death or 
lass of crew 
1 Class I-AI 

Facilities, 
Equipment, or 
Other Assets 

A condition that subjects 
facilities, equipment, or flight 
hardware to more than 
normal wear and fear [Class IV) 

A condition that may cause 
minor property damage to 
facilities, systems, equipment, 
or flight hardware [Class III) 

A condition that may cause major 
property damage to facilities, 
systems, equipment, or flight 
hardware (Class II) 

A condition that may cause 
destruction of non critical facilities 
or assets 
(Class l-B) 

A condition tha: may cause destruction 
of critical facilities on the ground, 
major systems, or vehicle during the 
mission (Class l-A) 

Environment 

Negligible OSH A/E PA 
vio ati or - non reportable 

Minor reportable OSHA/EPA 
violation 

Moderate OSHA/EPA violation 
■which requires immediate 
remediation 

Major QSHA/EPA violation 
causing tempo ran/ stoppage 

Serious or repeat OSHA/EPA violations 
resulting in action terminating project 

PERFORMANCE 

(Mission Success) 
Including impacts to 
operations and supportability 

Negligible impact to 
requirements, mission 
objectives or technical goals 

Minor Impact lo requirements, 
mission objectives or technical 
goals 

Moderate impact to requirements, 
mission ob[e-ctives or technical 
goa Is 

Major impact to requirements, 
mission objectives or technical 
goals 

Technical goals not achievable with 
existing engineering capabilities/ 
technologies 

COST 

■rSIOOK 

(Negligible impact to budget) 

>51 OQK but <5 1M 
(Minor impact to budget) 

>J!M but <5 1 GM 
(Moderate impact to budget) 

_ >S10M buf <$50M 
(Major impact to budget) 

> 55 OM 

[Possible project cancellation) 

SCHEDULE 

Negligible schedule impact 

Minor overall schedule impact 
(Accommodate with reserve, no 
impact to critical path! 

<1 month impact fa critical path/ 
milestones 

>1 and <5 month impact to 
critical path/milestones 

>5 month impact to critical path/ 
milestones or possible 
project cancellation 


September 2 GO 6 
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Risk Management Lessons Learnt 

Risk management supported by leadership, team members and stakeholders and active involvement by 
all 

Uses it and promotes it 

A well defined, structured and understood risk management processes and tools 

A formally documented risk management process 

Comprehensive and structured risks identification processes and tools 

Proper incentives and disincentives to foster good practices 

All team-members are expected to participate in risk management 

Not overly complex, must be understood and used (minimize overhead & foster adherence) 

A proactive risk training program 

Continuous and iterative assessment of risks 

Provide elements of independence of the risk analysis function from the program/project 

Integrated with program/project decision-making processes (RIDM) 

Continuous, event-driven technical reviews (incl project milestones) to help define a program that satisfies the customer’s 
needs within acceptable risk 

Continuous prioritization, assessments and mitigation planning and appropriate funding 

Risk management integral to the acquisition process 

A continuous process improvement strategy that monitors and improves risk management processes 
and tools 

Weaving Risk Management into the cultural fabric of the organization is critical, but difficult 
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Summary 

You must lead the risk profession - leadership is key to success 

Phased-approach for implementation of risk management is necessary 

Risk management system will be simple, accessible and promote communication of 
information to all relevant stakeholders for optimal resource allocation and risk mitigation 

Risk management should be used by all team members to manage risks - risk office personnel 

Each group is assigned Risk Integrators who are facilitators for effective risk management 

Risks will be managed at the lowest-level feasible, elevate only those risks that require coordination or 
management from above 

Risk reporting and communication is an essential element of risk management and will 
combine both qualitative and quantitative elements 

Risk informed decision making should be introduced to all levels of management 

Provide necessary checks and balances to insure that risks are caught/identified and 
dealt with in a timely manner 

Many supporting tools, processes & training must be deployed for effective risk 
management implementation 

Process improvement must be included in the risk processes 
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Questions? 
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Email: jeevan.s.perera@nasa.gov 

Tel: +1 713 444 9136 
Fax: +1 (413)487-9371 


The Institute of Risk Management 

6 Lloyd’s Avenue 

London 

EC3N 3 AX 

United Kingdom 
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